Magma Artifactory - magma/magma GitHub Wiki
This page documents the usage and the structure of the Magma artifactory located at https://linuxfoundation.jfrog.io/.
The artifactory holds Magma artifacts and third party dependencies. This includes Debian artifacts, Docker images, Helm charts and general blobs (e.g., Go is uploaded for caching reasons). All artifacts are published by CI workflows. The artifactory is not intended for manually publishing artifacts. The artifacts are used in CI for testing and the setup of environments, in local development and in production environments.
The artifactory is hosted by the Linux Foundation and is a JFrog instance. Write access tokens are configured as GitHub secrets in the Magma GitHub account. These tokens are not distributed for local usage. All write access must happen via GitHub workflows running on the Magma GitHub account. The artifactory is shared by multiple parties. Magma related sections are prefixed by magma-
(see Structure for details)
General support can be queried via the Magma Slack at #questions-to-linux-foundation-it but this should usually be accompanied by opening an issue in the Linux Foundation service desk.
A general structural overview can be found at https://linuxfoundation.jfrog.io/ui/repos/tree/General. All Magma related sections are prefixed by magma-
. JFrog has a concept of "Virtual Repositories", i.e., a virtual repository can hold a number of physical repositories. This is, virtual repositories are not only aliases for physical repositories, but can also hold a union of multiple physical repositories. In general it is a good practice to only use virtual repositories in code (for read access), so that physical repositories can be renamed or more repositories can be added.
Magma Debian artifacts include the Magma access gateway, sctpd, the dhcp CLI and third party dependencies (packaged python dependencies and patched or self compiled libraries).
i386
, but seem to be unused), inconsistent use of folder structures, etc.
An apt sources entry for Magma has the following form:
deb https://linuxfoundation.jfrog.io/artifactory/<repository> <distribution> main
This is, only deb
is supported and no, e.g., sources. The only available component is main
and no, e.g., further staging. Usually, the architecture of artifacts is labeled as amd64
, arm64
or all
. The different repositories and distributions are described in the following.
This repository holds Debian artifacts for CI, local development and for testing releases. Important distributions are focal-ci
and focal-1.x.y
(e.g., focal-1.8.0
). Note that the distributions are located in a sub-folder pool
(e.g., https://linuxfoundation.jfrog.io/ui/native/magma-packages-test/pool/focal-ci/
). This is different to the production repository (see below).
The distribution focal-ci
holds artifacts that are published directly from the current master. These artifacts are used in CI and in local development for testing.
The distributions focal-1.x.y
are used to test release branches. Usually when a release branch is created, all publishing endpoints are switch from focal-ci
to focal-1.x.y
. The CI then creates the artifacts for the new distribution. These artifacts can now be used to test the release candidate.
This repository is for production use. In comparison with magma-packages-test
, no pool
sub-folder is used and there is no focal-ci
distribution. When a release candidate was tested successfully then the respective distribution becomes promoted to magma-packages-prod, i.e., artifacts are copied from magma-packages-test
and not built and published.
The virtual repository magma-packages
contains only magma-packages-prod
.
Besides the Magma components that are only modeled by Docker images (orc8r, feg and cwag), also the Docker version of the access gateway are regularly built in CI and published to the artifactory.
The test repositories for Docker images are magma-docker-agw-test
, magma-docker-cwag-test
, magma-docker-feg-test
and magma-docker-orc8r-test
. These repositories are bundled in the virtual repository magma-docker-test
.
magma-docker-agw-ci
. This repository was intended for publishing images built on pull requests. This was never finished (i.e., the repository should be removed).
Each Docker test repository has a respective prod repository. These repositories are bundled into the virtual repository magma-docker
.
Helm charts are published by CI into the repository magma-helm-test
. Production charts are promoted from the test repository to magma-helm-prod
. The virtual repository magma-helm
is an alias for magma-helm-prod
.
The repository magma-blob
is intended for publishing miscellaneous artifacts. Currently this is mainly used to publish Go versions that are used in various places in Magma. The reason is that the public Go repositories can be unstable regarding connectivity.
See various code examples in the Magma repository how the different repositories can be accessed for read access.
For access to the Debian artifacts a gpg key is needed. The key is checked into the Magma repository. The key can be downloaded directly from the artifactory via the URL https://linuxfoundation.jfrog.io/artifactory/api/security/keypair/magmaci/public.
Only CI workflows are allowed to write to the artifactory. Special operations, e.g., deleting wrongly uploaded artifacts need to be coordinated with the support.
arm64
architecture. Only artifacts for amd64
and all architecture are created and published in CI.
The following workflows publish artifacts to test repositories.
- Workflow file:
.github/workflows/build_all.yml
- Conditions: when run on master or on a release branch
- With make created access gateway Debian artifacts published to
magma-packages-test
- Helm charts published to
magma-helm-test
- Orc8r images published to
magma-docker-orc8r-test
- CWAG images published to
magma-docker-cwag-test
- CWF-operator image published to
magma-docker-cwag-test
- FEG images published to
magma-docker-feg-test
- NMS images published to
magma-docker-orc8r-test
- DP images published to
magma-docker-orc8r-test
- Workflow file:
.github/workflows/bazel.yml
- Conditions: when run on master
- With Bazel created access gateway Debian artifacts published to
magma-packages-test
- Workflow file:
.github/workflows/agw-build-publish-container.yml
- Conditions: when run on master or on a release branch
- Access gateway Docker images published to
magma-docker-agw-test
- Workflow file:
.github/workflows/magma-build-openvswitch.yml
- Conditions: when run manually, needs distribution to be set (e.g.,
focal-ci
orfocal-1.8.0
) - Builds and publishes the patched open vSwitch artifacts to
magma-packages-test
- Workflow file:
.github/workflows/magma-build-3rd-party.yml
- Conditions: when run manually, needs distribution to be set (e.g.,
focal-ci
orfocal-1.8.0
) - Builds and publishes the third party artifacts to
magma-packages-test
- Workflow file:
.github/workflows/magma-publish-go.yml
- Conditions: when run manually, needs Go version to be published
- Downloads a respective Go version and publishes the artifact to
magma-blob
for caching reasons
The following workflows promote artifacts from the test repositories to the production repository.
- Workflow file:
.github/workflows/debian-packages-promote.yml
- Conditions: when run manually
- Promotes (copies) Debian artifacts from
magma-packages-test
tomagma-packages-prod
- Workflow file:
.github/workflows/docker-promote.yml
- Conditions: when run manually
- Promotes (copies) Docker images from
magma-docker-test
tomagma-docker
- Workflow file:
.github/workflows/helm-promote.yml
- Conditions: when run manually
- Promotes (copies) Helm charts from
magma-helm-test
tomagma-helm-prod